package secretsimpl

import "context"

type SecretsService struct {
}

func ProvideSecretsService() (*SecretsService, error) {
	return &SecretsService{}, nil
}

// Encrypt MUST NOT be used within database transactions, it may cause database locks.
// For those specific use cases where the encryption operation cannot be moved outside
// the database transaction, look at database-specific methods present at the specific
// implementation present at manager.SecretsService.
func (s *SecretsService) Encrypt(ctx context.Context, payload []byte, key []byte) ([]byte, error) {
	return payload, nil
}
func (s *SecretsService) Decrypt(ctx context.Context, payload []byte) ([]byte, error) {
	return payload, nil
}

// EncryptJsonData MUST NOT be used within database transactions.
// Look at Encrypt method comment for further details.
func (s *SecretsService) EncryptJsonData(ctx context.Context, kv map[string]string, key []byte) (map[string][]byte, error) {
	encrypted := make(map[string][]byte)
	for key, value := range kv {
		encryptedData, err := s.Encrypt(ctx, []byte(value), []byte("key"))
		if err != nil {
			return nil, err
		}
		encrypted[key] = encryptedData
	}
	return encrypted, nil
}
func (s *SecretsService) DecryptJsonData(ctx context.Context, sjd map[string][]byte) (map[string]string, error) {
	decrypted := make(map[string]string)
	for key, data := range sjd {
		decryptedData, err := s.Decrypt(ctx, data)
		if err != nil {
			return nil, err
		}

		decrypted[key] = string(decryptedData)
	}
	return decrypted, nil
}
